MMORPGs have become extremely popular among network
gamers. Despite their success, one of MMORPG's greatest
challenges is the increasing use of game bots, i.e., autoplaying
game clients. The use of game bots is considered
unsportsmanlike and is therefore forbidden. To keep games
in order, game police, played by actual human players, often
patrol game zones and question suspicious players. This
practice, however, is labor-intensive and ineffective. To address
this problem, we analyze the traffic generated by human
players vs. game bots and propose solutions to automatically
identify game bots.

Taking Ragnarok Online, one of the most popular MMOGs,
as our subject, we study the traffic generated by mainstream
game bots and human players. We find that their traffic
is distinguishable by: 1) the regularity in the release time
of client commands, 2) the trend and magnitude of traffic
burstiness in multiple time scales, and 3) the sensitivity to
network conditions. We propose four strategies and two integrated
schemes to identify bots. For our data sets, the
conservative scheme completely avoids making false accusations
against bona fide players, while the progressive scheme
tracks game bots down more aggressively. Finally, we show
that the proposed methods are generalizable to other games
and robust against counter-measures from bot developers.